Blog 14 min read

SaMD: USA, China, and EU Definitions, Classifications, and Regulatory Developments

Mar 22, 2023 SaMD: USA, China, and EU Definitions, Classifications, and Regulatory Developments

Software as a medical device (SaMD) has become increasingly important in the medical industry, offering innovative solutions for diagnosis, treatment, and monitoring. The use of SaMD has been growing rapidly and with it, the need for increased regulation. Different countries have different regulations for SaMD, making it essential for medical device manufacturers and compliance teams to stay informed on these regulations. In this blog, we will cover the different definitions and classifications of SaMD in the US, China, and the EU, as well as recent developments in the regulation of SaMD.

*This blog was updated on March 22nd 2023. Further regulatory developments may have occurred after publication.
To keep up-to-date with the latest compliance news, sign up to our newsletter.

Definitions and Classifications of SaMD in the US, China, and the EU

SaMD Definition and Classification in the United States

In the United States , SaMD is classified as a medical device according to the FDA (Food & Drug Administration) Act. The FDA Act defines SaMD as “software that is intended to be used for one or more medical purposes that perform these purposes without being part of a hardware medical device”. The FDA  categorized SaMD based on its level of risk to patients, with higher-risk devices subject to greater regulatory scrutiny.

SaMD is classified as either a Class I, II, or III device, with Class III devices being the highest risk. The FDA uses the risk-based classification to determine the regulatory requirements for SaMD, including the type and extent of testing required for premarket approval. The classification of SaMD is critical for regulatory compliance and market access in the United States, as it ensures that the software meets the appropriate regulatory requirements and is safe and effective for patients. The FDA has issued guidance for the content of premarket submissions for software contained in medical devices, which includes standalone software applications and hardware-based devices that incorporate software.

SaMD Definition and Classification in China

In China, SaMD is defined as “Software intended for one or more medical purposes that runs on general-purpose computing platforms and performs those purposes without being part of a hardware medical device”(China Administrative Regulations on Manufacturing Software as a Medical Device). The China Rules on Classification of Medical Devices and Catalogue are a set of regulations established by the China National Medical Products Administration (NMPA) to classify medical devices and ensure their safety and effectiveness. The rules provide guidelines for the classification of medical devices based on their intended use and their potential risks to patients. The classification system ranges from Class I, which includes low-risk devices such as medical bandages and surgical gloves, to Class III, which includes high-risk devices such as implantable pacemakers and artificial hearts.

SaMD Definition and Classification in the Eurpean Union

In the European Union (EU), The International Medical Device Regulators Forum (IMDRF) defines SaMD as “software intended to be used for one or more medical purposes that perform these purposes without being part of a hardware medical device”. This definition emphasizes the independent nature of SaMD and the fact that it can function without being part of a larger medical device. The EU MDR also specifies that SaMD is a standalone medical device and must comply with the same regulations as other medical devices in terms of safety and performance. Furthermore, the EU MDR requires that SaMD be classified according to the level of risk it poses to patients, users, and others. 

The IMDRF’s Guidance on Possible Framework for Risk Categorization and Corresponding Considerations is a comprehensive document that aims to provide a clearer definition of software as a medical device (SaMD) and its associated risk categorization. The guidance provides several clarifying points to the SaMD definition, which would help with the identification and classification of SaMD.

Important Regulatory Developments

USA

  • In October 2022, the FDA approved the list  Artificial Intelligence and Machine Learning (AI/ML)-Enabled Medical Devices, a list of over 100 AI/ML-enabled medical devices that have received clearance or approval by the FDA. The list aims to provide transparency and increase awareness of the use of AI/ML in medical devices.
  • In September 2022, the FDA issued the guidance document Policy for Device Software Functions and Mobile Medical Applications. This guidance provides regulatory clarity on the requirements for mobile medical applications and software functions in medical devices. The guidance outlines the different types of medical software and the regulatory requirements for each type, including when a software function is considered a medical device and subject to regulatory review.
  • The FDA has recently updated its Medical Device Regulation to incorporate more modern technology, including software and cybersecurity.

China

EU

  • The European Commission released a new Manual on Borderline and Classification for Medical Devices under Regulation (EU) 2017/745 on medical devices and Regulation (EU) 2017/746 on in vitro diagnostic medical devices in December 2022. The Manual helps manufacturers determine if their products fall under the Regulations and promotes consistency across EU Member States when faced with borderline products. It replaces the previous Manual on Borderline and Classification in the Community Regulatory Framework for Medical Devices and includes additional examples of products on the borderline between medical devices and medicinal products.
  • The Guidance on Cybersecurity for Medical Devices is another important development for the medical device sector. This document outlines the regulatory requirements for cybersecurity for medical devices under the Medical Devices Regulation (MDR) and the In Vitro Diagnostic Regulation (IVDR). It aims to provide manufacturers with guidance on how to assess cybersecurity risks and to implement cybersecurity measures to ensure the safety and security of medical devices.

While the US and EU have had more mature regulatory frameworks in place for SaMD for some time, China is rapidly catching up, with recent developments indicating a more sophisticated and nuanced approach to the regulation of SaMD. Overall, the regulation of SaMD is a complex and ever-evolving landscape, with significant variations between different countries and regions. However, recent developments suggest that regulators are becoming more sophisticated in their approach to SaMD, with a focus on ensuring patient safety while also promoting innovation and market access for SaMD developers. It is important for SaMD developers to stay up-to-date on regulatory developments in all countries and regions where they intend to market their products, in order to ensure compliance with local regulations and best practices.

Stay Ahead Of The Evolving Regulatory Landscape in Medical Devices:

Unlock Market Access

Accelerate your ability to achieve, maintain & expand market access for all medical device products in global markets with C2P. C2P is your key to unlocking market access, and is trusted by more than 300 of the world’s leading brands. C2P is an enterprise SaaS platform providing everything you need in one place to achieve your business objectives by proving compliance in over 195 countries.

C2P is purpose-built to be tailored to your specific needs with comprehensive capabilities that enable enterprise-wide management of regulations, standards, requirements and evidence. Add-on packages help accelerate market access through use-case-specific solutions, global regulatory content, a global team of subject matter experts and professional services. 

  • Accelerate time-to-market for products
  • Reduce non-compliance risks that impact your ability to meet business goals and cause reputational damage
  • Enable business continuity by digitizing your compliance process and building corporate memory
  • Improve efficiency and enable your team to focus on business critical initiatives rather than manual tasks
  • Save time with access to Compliance & Risks’ extensive Knowledge Partner network

Contact us to speak to one of our team today to learn how you can simplify your compliance process. For more information, please visit www.complianceandrisks.com

Interested in knowing more about the specific solutions that C2P has to offer for your compliance needs?

Talk to us to know more.